World Backup Day: Check Out the Changes of 3-2-1 Rule

World Backup Day

World Backup Day is observed every March 31 as a way to bring attention to the importance of backing up your data.

What is Backup?

A backup is a copy of the data you don’t want to lose — for example, family photos, home videos, documents and emails. Instead of storing it all in one place (like your computer or smartphone), you keep a copy of everything somewhere safe.

Why Backup?

Backing up your data is a safeguard in case you ever lose that which you value while it sits on your devices such as a desktop computer, phone, or server. If that valuable data is lost, by backing it up you now can restore that original information. According to the World Backup Day website, losing data is more common than you might think.

  • 21% of people have never made a backup
  • 113 phones lost or stolen every minute
  • 29% of data loss cases are caused by accident
  • 30% of all computers are already infected with malware

Robin Fischer, NetGain Consulting Systems Engineer, discusses changes to the important and valuable 3-2-1 rule of data backup.

World Backup Day
Robin Fischer, NetGain Consulting Systems Engineer

What Has Changed with Backup Strategies?

The 3-2 -1 rule still applies but has changed a bit.

  • 3 copies of data
  • 2 different pieces of media
  • 1 backup has to be off-site

The new rule is the 3 – 2 – 1 – 1 – 0 Rule (NIST Cybersecurity Framework)

  • 3 copies of data
  • 2 different pieces of media
  • 1 copy (at least) stored off-site
  • 1 copy (at least) stored offline
  • 0 verified backups with no errors (tested)

Backups can help you simply restore files an employee deletes by accident, or they can help get your business back up and running after a natural or self-inflicted disaster using site recovery.

As threat landscapes evolve and backups are becoming a prime target for hackers, the rules for backup strategies have changed in order to defend against these types of threats. If a cyber criminal encrypts your backup through a ransomware attack, it increases their chances of getting a ransom payment since you no longer have an easy option to restore your data.

If you have sensitive data, cyber criminals will work to exfiltrate that data and demand a ransom payment or else publish your sensitive data publicly. Ideally, you want to prevent cyber criminals from gaining access to your data in the first place. However, if your first lines of defense against an attack fail, backups are your next best option.

Trust us, you do not want to be in a situation where you have no means to recover your data and are forced to fall to the mercy of your attackers. Backup data is a primary target for encryption of data. If your backup files are encrypted, you have no way to recover, and that is exactly what the cyber criminals are hoping to accomplish.

How do you protect yourself?

There is no simple answer and opinions vary. There are several methods you can use to mitigate any risks to your backup data. One great method is to separate your active networks (workstations, cell phones and other daily use devices) from your backup infrastructure network. Active networks are inherently more exposed to threats because of a little thing we like to call users.

Here are some tips to help minimize the risks:

  • Separate your authentication to your backup servers from Active Directory. If your Active Directory has been compromised, your backup servers will most likely fall to compromise as well.
  • Disable Remote Desktop Protocol from the backup server.
  • Implement multi-factor authentication for any authentication to the backup server.
  • Utilize a strong password on the backup server.
  • Separate the management network and backup network from the production network and require a VPN to access the network housing your backup infrastructure.
  • Disable Internet access from the management and backup network, and only allow access to trusted sites that are required for functionality, i.e., update sites for patching, connected backup cloud services.
  • Implement Data Immutability with an immutability period of 7-21 days. (Data immutability is data that cannot be deleted or modified for a certain length of time.)
  • Utilize hardware devices that support encryption and proprietary data movers, such as HPE’s Catalyst and Dell EMC’s DDBoost.
  • If you are utilizing cloud services, many of them offer data immutability.
  • Have your backup environment scanned for vulnerabilities by a professional cyber risk team.
  • Test your backups regularly to ensure you will be able to restore your data if it is compromised.

For more information on backup or on how to secure your business data, contact us today.

Related Posts